VaR was developed by JPMorgan risk group in the early 1990s. Most of that risk group left to start a consultancy to sell the risk management calculation to other banks. It was originally developed because the executives at JPMorgan wants a simple way to wrap up all of the risk into a single number. VaR is the amount in dollars that the institution is expected to lose before trading begins the following day, and therefore required to borrow overnight. The calculation was inserted into a report called the 4:15 Report, which was a report that came up at, you guessed it, 4:15 PM, or fifteen minutes after each trading day. The tool became very effective and useful, so much so that Basel II Accord incorporated it.

CVaR is nothing more than taking the various risk variables and then weighting them for what a risk manager believes is a more accurate view of the market risk. Obviously this has some subjectivity to it. The idea is that VaR doesn’t weigh risks from, say, lending equities differently from trading on the bank’s books.

Controversy

There has been a long running controversy over VaR, and therefore CVaR. VaR is a probability calculation and therefore it doesn’t tell its reader how much the firm could lose. It tells the reader how much the firm will likely lose. The qualitative difference between the statements is the former is a definitive number while the latter is a forecast. The former is accurate and the latter is prediction, which is inherently inaccurate. The quantitative difference is $0 and infinity. Since VaR is used to either insure against losses through borrowing or hedging, it is merely spreading the risk of loss and therefore, making the whole capital markets system bear the risk of a firm. The benefit is that because it is probability-based, it is very good when the markets are normal. VaR opponents says there is no such thing as normal.

Opinion

Both sides are right. VaR is an effective tool to manage risks that stem from business-as-usual. But management rely heavily on it, and the system gradually build up risks for firms and eventually implodes. And it is a poor way to forecast extraordinary large risks, also known as tail risk. As a matter of fact, it is specifically designed to truncate the tail risk so that it can arrive at a dollar figure. One way to think about how this cannot work in all situations is to think about shorting a stock. If you buy a share of XYZ for $10, the most you can lose is $10 because the value of the shares cannot go below $0 and shareholders are not liable for debts beyond the the value of equity and assets. But if you short XYZ, it means you lose money every time XYZ’s price goes up. Well, there is no upper limit to how high the stock price can go. This is the reason why, as long as a bank holds shorts of any sort, it can lose infinite amount of money. Not likely, but possibly.

So, while both sides are right, only the side in favor is wrong. Easy to say, but hard to swallow if you are managing a bank and you need some way to reduce market risk for your bank. VaR is a very useful tool.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is the author of the forthcoming book History of Money Laundering: How criminals got paid and got away.

Hybrid securities are securities that have features of both debt and equity.

Wall Street 1929

The classic example of a hybrid instrument is a convertible bond. This is, generally, a corporate bond with a condition attached to it. This condition states that if the equity shares of the corporation issuing the bond hits a certain valuation in the market, the bondholder will be allowed to exchange the bond for a certain number of shares. The number of shares is determined by the bond’s principal value, which is almost always $1000, and how many shares that principal could buy. For a buyer of bonds, this reduces the risk of losing out on exposure to equity if the issuing corporation does very well, without losing the status of a bond, which, as a debt, will be paid back before assets are distributed to non-debt liability holders. For the issuing corporation, usually the bonds hold a slightly lower interest rate than it would otherwise.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.

Risk Weighted Assets is more of a concept than an asset. When a bank lends money, there is a chance some of it will not be paid back. The “some” that might not be paid back is the RWA. The Capital Adequacy Requirement (CAR) requires banks to maintain a Risk-Based Capital Ratio. This is a simple calculation of dividing Regulatory Capital with RWA. Regulatory Capital is the amount of Tier 1 and 2 capital a bank is required to possess at all times. Ideally, a bank would like to have a high Regulatory Capital and low RWA. The risk weights inflate bank assets. While larger assets are considered a good thing on the balance sheet, generally, in this case it is not. RWA valuation is not used to meet the SEC filing requirements. It is used to meet the Basel III requirements. There are 26 classifications of assets with varying risks. Each classification requires the bank to multiply assets by a Basel II prescribed risk weight.

Conceptually, here is what RWA looks like:
The bank lends $100 to a borrower. This particular type of loan with this type of borrower has a significant chance of getting but just $95. Because the risk of lose if $5, the $100 is multiplied by 105%. For this $100 loan, it is a $105 RWA. Banks are required to hold 1/10 in the Risk-Based Capital Ratio. Without the RWA, the bank would have to hold $10 (1/10=$10/$100). But since the $100 is being changed to an RWA of $105, the bank now has to hold $10.50 (1/10=$10.5/$105).

GRC is an abbreviation for Governance, Risk and Compliance. These three functions are put together to increase efficiency and efficacy. Governance is responsible for overseeing the implementation of decisions made by the board of directors. Risk is responsible for analyzing all risks that impact revenue and operations. Compliance is responsible for meeting regulatory requirements to reduce, primarily, legal exposure. So, protect the integrity of management decisions, protect the business that makes the organization successful, and protect the organization from unnecessarily dealings with governments.

Going Through TSA

Depending on the industry, an organization maybe have licensed attorneys as heads of each of these areas. Other times, a separate legal department is created not just to deal with litigation issues but advising the organization on any combination of these three issues, there by allowing the organization to have functional and industry experts lead these areas. Governance can be lead by MIS or Audit professional – MIS means Management Information Systems. Risk can be lead by IT or operations professional – IT means Information Technology. Compliance can be led by Audit or front-office professional.

Front-office is a term used for the area of an organization that focuses on revenue and sales. Bankers in a bank are front-office professionals.

All three areas require a combinations of special knowledge.
Governance covers management issues, an understanding of operations, concerns of investors and shareholders and information being shared within the organization, both how and what. This person must have a strong understanding of the organization’s structure.

Risk covers capital requirements (if a bank), supply chain, losses from inefficiencies in the operations and the like. This person must have a strong understanding of how the business operates.

Compliance covers regulatory exams and responses, investigation, surveillance, monitoring, controls and policies and procedures, and sanctions (if a bank). This person must have a strong understanding of expectations by regulators as well as be a person who can persuade line-of-business professionals to buy-in to a set of rules for the whole organization to play by.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.

On Monday, January 26, Associations of Certified Anti-Money Laundering Specialists (hereon ACAMS) held its Third Annual AML Risk Management Conference at The Conrad Hotel in downtown New York. Over the course of this week, summaries and takeaways from the key notes and panel discussions will be shared in this blog.

David Szuchman, Executive Assistant Attorney and Chief of Investigation Division, New York County District Attorney’s Office

This panel consisted of three present or former prosecutors. Discussion topics ranged from prevention to remediation for both firms and individuals. These topics were discussed under the context of headline grabbing media reports about large banks. Here are ten takeaways:

Three things for firms and individuals to do to show wrongdoing was not criminal: SELF IDENTIFY wrongdoing, SELF REPORT to regulators, and SELF REMEDIATE wrongdoing with either corrections or plan to correct. – Arthur Middlemiss

Firms and individuals must keep up with the news to avoid common inadequacies that are found; it is expected for them.

Risk Assessment programs are a firm’s first and best line of defense against criminal action.

Criminal action against a firm used to be the said firm’s death sentence, but prosecutors have gone out of their way to make sure it isn’t by timing information flow and the market so that the criminal firm’s shareholders do not take a direct hit while firm’s cash takes a direct hit with penalties.

Willful ignorance is the worst defense for an individual both just as a professional and as a defense for wrongdoing. Willful ignorance is part of the crime.

Compliance Officers are asked to bear more professional risk. With it are higher compensation and higher professional risk. Try to avoid the risk from the very beginning, including negotiating during job interviews/offers.

In negotiating a Deferred Prosecution Agreements, don’t over-promise because DPA’s are conditional.

Compliance programs are an affirmative defense. Need to have them, need them to be implemented, and need documentation showing effort to get the rest of the firm involved.

Some offenses lead to investigation and review into other issues. Such are AML-related offenses, which could trigger a review of the bank charter.

Keep in mind that it is difficult to keep a firm out of compliance at the civil level, but there’s no excuse for not figuring out what it takes to keep the firm out of crimes.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.
He tweets @MoneyCompliance

On Monday, January 26, Associations of Certified Anti-Money Laundering Specialists (hereon ACAMS) held its Third Annual AML Risk Management Conference at The Conrad Hotel in downtown New York. Over the course of this week, summaries and takeaways from the key notes and panel discussions will be shared in this blog.

Regulators like to see consistency because it shows the effort an institution is putting into trying to be compliant.

Communicate to Boards of Directors that OCC would like to see more focus on compliance from them

Alert Suppression is okay and critical to executing priorities, but the alerts should be logged and revisited to keep the compliance programs up-to-date with the changing environment both ex-firm and intra-firm.

FINRA does not target individuals, though individuals will face penalties if found willfully unaware or intentionally non-compliant. FINRA focuses on systemic risks to protect investors.

FinCEN does not target individuals, especially trying to avoid dissuading the most talented compliance professionals from fleeing the most difficult problems.

Intra-firm talent development is key to today’s labor market where supply of veteran compliance officers are small compared to demand.

OCC intends to staff lead experts on all exams in the future.

The new OCC Exam Manual, published November 11, 2014, does not have much substantive changes, mostly it is an administrative update to make sure changes to exams since the last major update are documented.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.
He tweets @MoneyCompliance

On Monday, January 26, Associations of Certified Anti-Money Laundering Specialists (hereon ACAMS) held its Third Annual AML Risk Management Conference at The Conrad Hotel in downtown New York. Over the course of this week, summaries and takeaways from the key notes and panel discussions will be shared in this blog.

Adam Szubin is the exiting director of Office of Foreign Assets Control (OFAC) in the Department of Treasury. Soon, he will be the acting under secretary for Terrorism and Financial Intelligence, another office in the Treasury.

Szubin has a history of speaking at Financial Crimes-related conferences because of his long held position as the director of OFAC. Applauded members of ACAMS for doing their best to make Anti-Money Laundering profession a serious endeavor. Then he alerted to three nuanced risks for the profession.

CUBA was his first concern. As the United States lifts nearly all of its sanctions against the communist island nation this year, it opens up another route for corruption to take place.

RUSSIA was his second concern. OFAC’s Magnitsky Sanctions List enumerates targets explicitly, but not all activities are sanctioned and not all enumerated have been sanctioned the in the same manner. The theme of this sanction is debt and equity financing, or the limit thereof. This is a target on a crucial source of currency for Russia in order for it to succeed. The capital markets have also worked against Russia by lowering the price of oil, the primary source of revenue for Russia. It’s an additional wind behind OFAC’s sanctions.

IRAN was his final enumerated concerns. Even more nuanced than the previous two examples. Iran’s domestic politics indicate the type and length to which the regime is willing to evade western powers to fund terror.

Transparency is the key to successful sanctions compliance. Breach of compliance is often accidental. Finding breaches are difficult because often the breaches are in omnibus accounts. Also global trade cannot stop for complex business areas, like re-insurance of trans-ocean ships.

Because of the human nature of business, financial crimes will occur in some form or another. Professionals Certified Anti-Money Laundering Specialists greatly reduce the efficacy of criminal activities.

About the Author: Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.
He tweets @MoneyCompliance